From 18ce7037879e5d6461ab3d0a14d4aa9ba5b0316f Mon Sep 17 00:00:00 2001
From: smaury
Date: Wed, 7 Oct 2015 06:18:51 -0700
Subject: [PATCH] fixes #18730, prevent reflected XSS in analytics logger
---
 analytics/logger/dojoxAnalytics.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/analytics/logger/dojoxAnalytics.php b/analytics/logger/dojoxAnalytics.php
index e472498919..0a41ef8f25 100644
--- a/analytics/logger/dojoxAnalytics.php
+++ b/analytics/logger/dojoxAnalytics.php
@@ -21,7 +21,7 @@
 fclose($handle);
- $response = '{"eventsReceived": "' . sizeof($items) . '", "id": "' . $id . '"}';
+ $response = '{"eventsReceived": "' . sizeof($items) . '", "id": "' . htmlentities($id) . '"}';
 if ($_REQUEST["callback"]){
 print htmlentities($_REQUEST["callback"]) . "(" . $response . ");";
 }else{
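Review bot: On the new `$response` line, `htmlentities($id)` applies HTML escaping to a value that sits inside a JSON string literal, so backslashes and control characters in `id` pass through unescaped and can still yield malformed JSON (or malformed script on the callback branch), while legitimate ids containing `&` or quotes come back altered. Encoding for the actual output context would be more robust, e.g. `'", "id": ' . json_encode((string)$id, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . '}'`. The hunk shows no `Content-Type` header; if none is sent elsewhere, PHP's default `text/html` is what lets a browser render the reflected value, so sending `header('Content-Type: application/json');` (and `application/javascript` on the callback branch) would address the cause rather than the symptom. The script starts and ends outside the hunk, so where `$id` comes from and whether headers are already set should be confirmed there.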